Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/bA279KRE0xSzaEnHyMC6_8rUtIY.roa
File: bA279KRE0xSzaEnHyMC6_8rUtIY.roa (raw, json)
Hash identifier: fKZZD7L6iBMhGsnzfjHZR5HFfWd8oqQiGB/uIr2hjG4=
Subject key identifier: 6C:0D:BB:F4:A4:44:D3:14:B3:68:49:C7:C8:C0:BA:FF:CA:D4:B4:86
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 0190048662FA29A2C40468E2F116AE11B4DE
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/bA279KRE0xSzaEnHyMC6_8rUtIY.roa
Signing time: Mon 10 Jun 2024 23:40:34 +0000
ROA not before: Mon 10 Jun 2024 23:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.137.16.0/24 maxlen: 24
45.137.17.0/24 maxlen: 24
45.137.19.0/24 maxlen: 24
81.28.252.0/24 maxlen: 24
81.28.253.0/24 maxlen: 24
81.28.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:04:86:62:fa:29:a2:c4:04:68:e2:f1:16:ae:11:b4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jun 10 23:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c0dbbf4a444d314b36849c7c8c0baffcad4b486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:5b:70:ed:b4:05:eb:9b:c5:29:1d:cf:de:
71:5d:09:26:59:3b:01:55:28:ac:87:a7:a0:a4:c4:
20:63:b8:d6:16:fc:ad:a3:2e:99:d5:a9:3b:30:45:
f2:75:e9:85:23:57:37:07:c9:5e:60:9d:13:b1:ca:
6d:8a:4b:78:85:24:d0:40:23:11:7f:19:32:68:6c:
35:37:95:46:1f:62:af:d8:2c:77:73:28:13:5d:2d:
ec:28:1b:cf:a1:09:3c:f2:06:c1:1f:97:78:0f:a1:
96:4c:d8:39:a7:d4:4e:d3:05:6a:f8:da:a5:e3:63:
c4:ce:43:16:86:82:ad:82:10:f7:07:96:8f:5e:6f:
38:c9:af:0a:5d:c4:f8:d9:ec:19:c3:fb:18:79:d2:
7d:86:8a:5a:78:99:46:4a:96:2f:8d:ae:bd:40:e9:
a3:bf:d2:42:7e:01:e7:23:5f:a8:68:b6:41:68:32:
c1:aa:25:db:ec:c5:f0:df:56:73:d5:55:b4:fa:bc:
f6:3a:b8:d8:fe:2b:3c:cd:ca:d0:1b:80:e2:60:7c:
50:47:d3:dc:5b:b2:dc:97:0a:10:c5:07:b9:ac:e9:
b8:3b:8d:4c:aa:ea:8b:17:df:6e:d5:c7:06:9b:84:
fb:bc:95:2d:75:a3:0d:d2:b4:75:f6:ca:c6:c1:c4:
16:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0D:BB:F4:A4:44:D3:14:B3:68:49:C7:C8:C0:BA:FF:CA:D4:B4:86
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/bA279KRE0xSzaEnHyMC6_8rUtIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.16.0/23
45.137.19.0/24
81.28.252.0-81.28.254.255
Signature Algorithm: sha256WithRSAEncryption
06:90:67:f5:57:95:ac:cc:20:3b:d9:2e:67:8a:d7:b7:c8:3e:
19:ad:ec:3e:88:23:21:e0:f8:12:94:11:4a:be:8b:06:4c:0e:
03:8d:6b:ba:38:d8:b1:bf:fd:6a:80:c6:7b:cf:bc:ca:cd:a1:
7c:9b:57:2b:4b:0b:28:36:3c:6d:39:ac:ca:13:6b:60:51:e7:
51:a0:4a:d9:8f:97:a4:4b:4e:07:c2:c8:33:2a:f7:54:f7:07:
9e:87:b6:be:7e:75:dc:2b:31:ed:af:f3:da:d7:6d:e8:9e:c6:
39:e3:af:f6:30:52:0a:70:e1:28:ce:03:38:0c:b7:84:e1:60:
b9:77:73:3e:bc:85:6a:f8:6d:06:99:d1:5c:5a:fd:bd:cf:d6:
ca:34:e7:fa:00:e2:3a:d1:f2:7a:2c:ea:0d:13:57:a1:b4:1e:
92:0e:1a:47:fb:38:b2:1f:c9:12:16:fa:37:5e:20:2d:a3:6f:
8b:02:19:90:ef:d4:00:1f:97:3d:cd:85:90:92:75:94:1a:ef:
df:7c:b2:e8:7c:c3:d3:3e:4a:d3:7b:10:65:af:d3:05:5d:ff:
d9:cb:0e:f9:ce:e1:53:e8:63:61:81:0c:3c:72:73:18:4f:a7:
3b:5f:1e:f0:8a:aa:1f:99:87:a1:a4:e0:c1:b5:66:8a:64:97:
b9:85:36:2e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZAEhmL6KaLEBGji8RauEbTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwNjEwMjM0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzBkYmJmNGE0NDRkMzE0YjM2ODQ5YzdjOGMwYmFmZmNhZDRiNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXBbcO20BeubxSkdz95xXQkmWTsB
VSish6egpMQgY7jWFvytoy6Z1ak7MEXydemFI1c3B8leYJ0Tscptikt4hSTQQCMR
fxkyaGw1N5VGH2Kv2Cx3cygTXS3sKBvPoQk88gbBH5d4D6GWTNg5p9RO0wVq+Nql
42PEzkMWhoKtghD3B5aPXm84ya8KXcT42ewZw/sYedJ9hopaeJlGSpYvja69QOmj
v9JCfgHnI1+oaLZBaDLBqiXb7MXw31Zz1VW0+rz2OrjY/is8zcrQG4DiYHxQR9Pc
W7LclwoQxQe5rOm4O41MquqLF99u1ccGm4T7vJUtdaMN0rR19srGwcQW+wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGwNu/SkRNMUs2hJx8jAuv/K1LSGMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvYkEyNzlLUkUweFN6YUVuSHlNQzZfOHJVdElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLYkQAwQA
LYkTMAwDBAJRHPwDBABRHP4wDQYJKoZIhvcNAQELBQADggEBAAaQZ/VXlazMIDvZ
LmeK17fIPhmt7D6IIyHg+BKUEUq+iwZMDgONa7o42LG//WqAxnvPvMrNoXybVytL
Cyg2PG05rMoTa2BR51GgStmPl6RLTgfCyDMq91T3B56Htr5+ddwrMe2v89rXbeie
xjnjr/YwUgpw4SjOAzgMt4ThYLl3cz68hWr4bQaZ0Vxa/b3P1so05/oA4jrR8nos
6g0TV6G0HpIOGkf7OLIfyRIW+jdeIC2jb4sCGZDv1AAflz3NhZCSdZQa7998suh8
w9M+StN7EGWv0wVd/9nLDvnO4VPoY2GBDDxycxhPpztfHvCKqh+Zh6Gk4MG1Zopk
l7mFNi4=
-----END CERTIFICATE-----
Generated at Mon Jul 15 13:08:14 2024 by rpki-client on console-fra.rpki-client.org